<?php
/*************************
说明：
判断传递的变量中是否含有非法字符
如$_POST、$_GET
功能：
防注入
**************************/
//要过滤的非法字符
$ArrFiltrate=array("'",";","union","`","and","exec","insert","select","delete","update","count","chr","char");
//出错后要跳转的url,不填则默认前一页
$StrGoUrl="";
//是否存在数组中的值
function FunStringExist($StrFiltrate,$ArrFiltrate){
	foreach ($ArrFiltrate as $key=>$value){
		if (eregi($value,$StrFiltrate)){
			return true;
		}
	}
	return false;
}

?>